package com.zxt.dlykserver.config;

import com.zxt.dlykserver.config.handler.MyAuthenticationFailureHandler;
import com.zxt.dlykserver.config.handler.MyAuthenticationSuccessHandler;
import com.zxt.dlykserver.service.UserService;
import jakarta.annotation.Resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

import java.lang.reflect.Array;
import java.util.Arrays;

@Configuration
public class securityConfiguration {
    @Resource
    private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
    @Resource
    private MyAuthenticationFailureHandler myAuthenticationFailureHandler;

    @Bean//创建密码编码器  解决    There is no PasswordEncoder mapped for the id "null"
    public PasswordEncoder passwordEncoder() {
       return new BCryptPasswordEncoder();
    }

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http, CorsConfigurationSource configurationSource) throws Exception {
        return http.formLogin((formLogin)->{
            formLogin.loginProcessingUrl("/api/login")
                                .usernameParameter("loginAct")
                        .passwordParameter("loginPwd")
                    .successHandler(myAuthenticationSuccessHandler)
                    .failureHandler(myAuthenticationFailureHandler);
        })

                .authorizeHttpRequests( (authorize) -> {
                    authorize.requestMatchers("/api/login").permitAll()
                            .anyRequest().authenticated(); //其它任何请求都需要登录后才能访问
                })


                .csrf(csrf->csrf.disable())//禁用csrf跨站请求伪造
                //允许跨域请求
                .cors((cors)->{
                    cors.configurationSource(configurationSource);
                })
                .build();

    }
    @Bean
    @Primary
    public CorsConfigurationSource configurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();
        configuration.setAllowedOrigins(Arrays.asList("*")); //允许任何来源，http://localhost:8081
        configuration.setAllowedMethods(Arrays.asList("*")); //允许任何请求方法，post、get、put、delete
        configuration.setAllowedHeaders(Arrays.asList("*")); //允许任何的请求头

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        //注册跨域配置，允许所有请求地址访问该接口
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }


}
